Flaw In Many Intel CPUs Puts Businesses At Risk

Normally when we talk about security issues with computers we are looking specifically at a flaw discovered in Windows or a flaw with an individual application that might let hackers gain unintended control of a system. Most times, it’s the software that’s the real problem, and the hardware components of our computers are just doing what a hacker managed to tell them to do. That’s not the case this time. Last week, it was revealed that several Intel processor lines stretching all the way back to 2010 have a serious flaw in their remote management support that can let hackers completely take over a computer or server as long as they can see it from the web.

The issue seems to be with Intel’s “Active Management Technology” feature that lets IT departments remotely set up and monitor computers equipped with a number of different Intel CPUs aimed as business users. These CPUs that can do everything from turning a computer on even when it is off, to controlling its keyboard and mouse, to reading files off the disk, to seeing what’s on the screen, to changing just about every setting imaginable. Basically, if a hacker is able to get access to this flaw through an improperly secured network, he or she will have complete control over that system and can easily kill it or continuously steal secrets from it.

And, that’s not all. New reports are now saying that the login screen that was meant to keep unauthorized users from taking control of computers with these Intel chips simply does not work. A hacker can simply leave the password field blank and a chunk of poorly written code will give them complete access as if they knew the correct password. This kind of hack is also especially hard to detect because when a hacker activates this Active Management Technology system within affected Intel processors, the processor by and large keeps all of the hacker’s future actions from being logged by any of the normal security systems built into Windows or network management software.

Intel says it is working on a fix for this flaw, but even this is not much comfort. In many cases, Intel will release the fix to manufacturers, but it is up to the manufacturer to make that fix available for all the different computer configurations they have sold over the past seven years. If a business bought its computers on the cheap or didn’t spring for an extended warranty, or support contract, they may be out of luck. And even if the fix does become available, it will have to be applied to each affected workstation and server individually. Maybe that’s not so bad for a small business that only own a few computers, but it could end up being a nightmare for large corporations.

This is one of the most serious computer security flaws in years, and it is almost certainly being exploited by hackers right now. ETV Software can help your business determine if its computers are vulnerable and you apply the fix to your systems as soon as it is released. We can also help you disable the troublesome parts of affected systems until the permanent fix comes out. If you want to know more, get in contact with us today.